Trading Quant

This skill is plausible for market analysis, but inspect and sandbox it before trusting it with real data. Specific things to check or do before installing: - Review scripts/lib/analysis/industry_classifier.py: it attempts to read a 'knowledge/watchlist.json' via a relative path outside the skill. If you keep any sensitive data in your agent workspace or knowledge directories, this could be read. Consider removing or sandboxing that behavior. - The code will create cache files (e.g., /tmp/quant_industry_cache.json) and use your home HuggingFace cache; expect large model downloads (FinBERT) if transformers isn't already cached. - No credentials are requested, but the skill will make network requests to public market APIs (Tencent, Sina, EastMoney, yfinance, HuggingFace). If you need to limit network or data exfiltration, run it in a restricted container/environment. - Confirm Python version and dependencies (SKILL.md uses python3.12; requirements.txt lists Python 3.10+). Install dependencies in a virtualenv before running. - If you plan to use this in an automated/always-on agent, remove or control any code that reads external files (watchlist path) or write caches to sensitive locations. Ask the publisher to justify the watchlist prefill and to document network endpoints and file I/O. If you can, run the tool in an isolated environment (container/VM) first and audit network calls (e.g., with a firewall or proxy) and file reads to ensure it only accesses intended resources.